VIP (Validation ID Protection)

This year, Symantec is replacing the SSL certificates that we use with replacements that chain to the G2 root CA. This change will happen in two phases:

• Phase 1 (May 2025): Update browser-based SSL connections, including the portal endpoints for VIP Manager, My VIP, ID Center, VIP Login, and the original Self Service Portal (SSP). 

You should see no impact if you and your end users have updated to browsers that support the G2 root CA.

• Phase 2 (July 2025): Update API-based connections, including all certificates used by VIP Enterprise Gateway, and the various plug-ins that integrate with the VIP Authentication Service. 

It is imperative that you take action before Phase 2 to ensure that you do not experience service interruptions:

• Upgrade your instance of VIP Enterprise Gateway to version 9.11.x (or use the G2 CA loader tool for 9.10).

• Upgrade the VIP Enterprise Gateway plugins (Apache, IIS, and ADFS) if they are being used to the latest versions.

• If you have developed custom clients, ensure those are also updated to support the G2 root CA.

We will continue to send updates about this change throughout the next few months to keep you informed. 

We have also prepared a Knowledge Article (Required DigiCert G2 Root CA Migration) that has more details about the versions available and the update timelines which you can reference at any time. We will update this KB article if any details change, so we recommend that you refer to this article periodically.

Sincerely, 

VIP product team

Hi all,

The dates for Phase 1 and 2 have been delayed. Phase 1 is now slated for July (combined with upcoming maintenance) and Phase 2 will be done in October. Please take note and subscribe to notifications for VIP from the support portal. We did a product advisory a few weeks back.

https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/ProductAdvisories/0/35853

Sincerely,

VIP product team